Class ClientPasswordLoginModule
- java.lang.Object
-
- com.sun.enterprise.security.auth.login.ClientPasswordLoginModule
-
- All Implemented Interfaces:
LoginModule
public class ClientPasswordLoginModule extends Object implements LoginModule
This client LoginModule obtains username/password credentials from TLS, a static variable, system properties or by asking the user for it interactively.
The obtained credentials are then merely stored into the subject, meaning this login module doesn't actually authenticate anything. It only moves credentials from a credential source to the subject. This is then used by for instance ProgrammaticLogin to store that subject into a security context. IIOP (Remote EJB code) can then fetch the credentials again from this security context and transfer them to a remote server, where actual authentication takes place.
- Author:
- Harpreet Singh ([email protected])
-
-
Field Summary
Fields Modifier and Type Field Description static String
LOGIN_NAME
static String
LOGIN_PASSWORD
-
Constructor Summary
Constructors Constructor Description ClientPasswordLoginModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
abort()
This method is called if the LoginContext's overall authentication failed.boolean
commit()
This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).void
initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
Initialize thisLoginModule
.boolean
login()
Attempt to obtain non-null credentials from various sources.boolean
logout()
Logout the user.
-
-
-
Field Detail
-
LOGIN_NAME
public static final String LOGIN_NAME
- See Also:
- Constant Field Values
-
LOGIN_PASSWORD
public static final String LOGIN_PASSWORD
- See Also:
- Constant Field Values
-
-
Method Detail
-
initialize
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options)
Initialize thisLoginModule
.- Specified by:
initialize
in interfaceLoginModule
- Parameters:
subject
- theSubject
in which the credentials will be stored if obtained successfully.callbackHandler
- aCallbackHandler
for communicating with the end user (prompting for usernames and passwords, for example).sharedState
- sharedLoginModule
state (unused)options
- options specified in the loginConfiguration
for this particularLoginModule
(unused)
-
login
public boolean login() throws LoginException
Attempt to obtain non-null credentials from various sources. If non-null one are obtained, store them in the Subject.- Specified by:
login
in interfaceLoginModule
- Returns:
- true in all cases since this
LoginModule
should not be ignored. - Throws:
FailedLoginException
- if the authentication fails.LoginException
- if thisLoginModule
is unable to perform the "authentication".
-
commit
public boolean commit() throws LoginException
This method is called if the LoginContext's overall authentication succeeded (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules succeeded).
If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the
login
method), then this method associates aPrincipalImpl
with theSubject
located in theLoginModule
. If this LoginModule's own authentication attempted failed, then this method removes any state that was originally saved.- Specified by:
commit
in interfaceLoginModule
- Returns:
- true if this LoginModule's own login and commit attempts succeeded, or false otherwise.
- Throws:
LoginException
- if the commit fails.
-
abort
public boolean abort() throws LoginException
This method is called if the LoginContext's overall authentication failed. (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules did not succeed).
If this LoginModule's own authentication attempt succeeded (checked by retrieving the private state saved by the
login
andcommit
methods), then this method cleans up any state that was originally saved.- Specified by:
abort
in interfaceLoginModule
- Returns:
- false if this LoginModule's own login and/or commit attempts failed, and true otherwise.
- Throws:
LoginException
- if the abort fails.
-
logout
public boolean logout() throws LoginException
Logout the user.This method removes the
PrincipalImpl
that was added by thecommit
method.- Specified by:
logout
in interfaceLoginModule
- Returns:
- true in all cases since this
LoginModule
should not be ignored. - Throws:
LoginException
- if the logout fails.
-
-